[Chugalug] Curl and client SSL certs

James Nylen jnylen at gmail.com
Wed Mar 6 20:11:12 UTC 2013


I haven't done this before, but the man page of curl is somewhat confusing
regarding --cert and --key together.

Try this (it looks like it worked here
http://stackoverflow.com/questions/7677994 ):
cat test.crt test.key > test.pem
curl --cert test.pem https://someweb.site

Are the cert and key files PEM?  If not, it looks like you'll need
--cert-type and/or --key-type.


On Wed, Mar 6, 2013 at 2:58 PM, Stephen Haywood <
stephen at averagesecurityguy.info> wrote:

> I am trying to access a web site with a client side cert using the Curl
> command, curl --cert test.crt --key test.key https://someweb.site. Curl
> returns this error message: curl: (58) unable to use client certificate (no
> key found or wrong pass phrase?). I have verified that the cert and key go
> together using openssl x509 -noout -modulus -in test.crt | openssl md5and openssl
> rsa -noout -modulus -in test.key | openssl md5, which both return the
> same MD5 sum. I have also verified the key does not have a passphrase using openssl
> rsa -in test.key -out test_nopw.key, which did not request a password.
> Any thoughts on what may be happening? Am I missing something obvious?
>
> --
> Stephen Haywood
> Information Security Consultant
> CISSP, GSEC, OSCP
> T: @averagesecguy
> W: averagesecurityguy.info
>
> _______________________________________________
> Chugalug mailing list
> Chugalug at chugalug.org
> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://chugalug.org/pipermail/chugalug/attachments/20130306/691c6c76/attachment.html>


More information about the Chugalug mailing list